November 2014 Archives

2014-11-20 23:50:18

jabberd with FS and without SSL3

If you use a stock Red Hat / CentOS 5 OpenSSL package, you may notice that SSL3 is still enabled. This will be "punished" by the IM Observatory. To manually disable the ancient SSLv2 and SSLv3 protocols you just need an extra call to SSL_CTX_set_options.

2014-11-19 23:57:58

OpenSSL updates/enhancements for RHEL / Centos 5

As already mentioned, Red Hat's reaction to POODLE was rather halfhearted. They provide "resolutions" on how to disable SSLv3 in services such as postfix or apache. Red Hat does not provide a modified OpenSSL package which radically removes the ancient SSLv3 (and SSLv2) protocol code from OpenSSL. There are several reasons for this:

A rebuild of many dependent packages may be necessary.

Totally disabling SSLv3 may have drawbacks for software which actually needs it (which is against the enterprise philosophy).

Patching OpenSSL is a nightmare due to countless bugs in this crappy software (see Heartbleed, POODLE, comments of the LibreSSL authors and - of course - the source code).

A switch from OpenSSL 0.9.8 to OpenSSL 1 would have an even bigger impact. But using OpenSSL 1 as an additional package together with an SSLv3-stripped OpenSSL 0.9.8 is a nice solution to remove unsafe code and to provide modern encryption. This was my way.

Update 2016-05-21:
Well, this "rpmbuild -ba jabberd.spec" is just an example of compiling/rpmbuilding an RPM package (in this case "jabberd") with the openssl1 RPM package. If you want e.g. dovecot to use the openssl1 package then you must rebuild it with something like "rpmbuild --rebuild dovecot.src.rpm". Please let me explain the RHEL SSL trouble in more detail:

RHEL as "enterprise linux" (CentOS as well) will never make big changes to its packages. In this case it is OpenSSL 0.9.8. RHEL will always stay on this release and will only provide important security patches.
The reason is that all packages with SSL (like apache, postfix, dovecot) use this package. Updating OpenSSL to version 1 would require ALL these packages to be recompiled.
As a workaround for this trouble I created the RPM package "openssl1", to be installed alongside RHEL's openssl package. If you have installed the openssl1-devel package then all C headers and C libs for compiling are installed, and you can rebuild any software for which you want the full set of SSL ciphers and the modern encryption that the RHEL/CentOS 6 packages have.
But please keep in mind that this does not mean that old RPM packages like RHEL 5's dovecot would also get e.g. ECDH encryption out of the box. For ECDH support you will usually need a small patch. In the case of "dovecot" I already did that: the dovecot-1.0.7-9.el5_11.4.log.dh.i386.rpm in my YUM repo contains 3 important patches. It logs the cipher/encryption used, it has bigger DH params (2048 bits) and it has EC cryptography support. Testing it with ssltest.sh:

2014-11-08 22:09:46

jabberd Forward Secrecy patch

jabberd2 is a widely used XMPP server written in C. Release 2.2.17 is also the base for Apple's ChatServer. This release has support for a custom TLS cipher list, but it is hardcoded in the source. It does not support DHE ciphers because it never sets up DH params. The latest release (2.3.2) still lacks this support for Forward Secrecy. There's a commit of 2014-03-17 in its git repository at GitHub. But this commit only uses a fixed / pre-computed set of DH params and does not offer configurable DH param support, e.g. via files (maybe cron generated).

If these files do not exist then internal defaults will be used. The files may be updated at run time. If a new TLS connection requires reading the DH params then the modification time will be checked. If it has changed then the new file(s) will be read and used. To get "real" forward secrecy you should regularly update the DH params with something like
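As an added illustration that is not taken from the jabberd patch (and is not the regeneration command the sentence above refers to), the modification-time check described in this entry can be implemented as follows. The names dh_cache and dh_cache_get, the DH_DEFAULT placeholder and the use of raw file bytes are assumptions; a real server would parse the file with OpenSSL's PEM_read_DHparams and keep the parsed parameters instead.

```c
#include <stdio.h>
#include <string.h>
#include <sys/stat.h>
#include <time.h>

#define DH_MAX 8192

/* Hypothetical cache for one DH params file (all names are assumptions). */
struct dh_cache {
    const char *path;   /* PEM file, e.g. regenerated by cron */
    time_t mtime;       /* mtime of the copy currently loaded */
    size_t len;         /* 0 = nothing loaded yet, use built-in defaults */
    int reloads;        /* how often the file was (re)read */
    char pem[DH_MAX];   /* raw bytes; a server would keep parsed params */
};

/* Constructed stand-in for the compiled-in default parameters. */
static const char DH_DEFAULT[] = "-----BEGIN DH PARAMETERS-----\n(built-in)\n";

/* Call for every new TLS connection that needs DH params.
 * Returns the bytes to use and stores their length in *len. */
const char *dh_cache_get(struct dh_cache *c, size_t *len)
{
    struct stat st;
    if (stat(c->path, &st) == 0 && S_ISREG(st.st_mode) &&
        (c->len == 0 || st.st_mtime != c->mtime)) {
        FILE *f = fopen(c->path, "rb");
        if (f != NULL) {
            char buf[DH_MAX];
            size_t n = fread(buf, 1, sizeof buf, f);
            int ok = n > 0 && feof(f) && !ferror(f);
            fclose(f);
            /* Swap in the new copy only after a complete read, so an
             * empty or oversized file never replaces good params. */
            if (ok) {
                memcpy(c->pem, buf, n);
                c->len = n;
                c->mtime = st.st_mtime;
                c->reloads++;
            }
        }
    }
    if (c->len == 0) {  /* file missing or unreadable so far */
        *len = sizeof DH_DEFAULT - 1;
        return DH_DEFAULT;
    }
    *len = c->len;
    return c->pem;
}
```

If the file disappears after a successful load, this version keeps serving the last good copy rather than dropping back to the defaults.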

2014-11-02 23:07:32

Mac OS X 10.4 disable SSL3

This blog post will show you how to disable the SSL3 protocol in the system ssl lib on Mac OS X 10.4 PPC. This is only for educational purposes because it does not protect you against POODLE attacks. It will not turn your OS into a secure OS. You must recompile many other packages like Kerberos Framework, Mail.app and more with special configurations and/or patches to have POODLE protection and (only) Forward Secrecy ciphers.

The patch contains more changes than just calling 'configure' with the no-ssl3 option. You know the OpenSSL guys? Those guys with Heartbleed and the fantastic Debian co-work causing 16 bit entropy? Using the no-ssl3 option defines OPENSSL_NO_SSL3 at compile time. But this will also disable SSL3 ciphers because the programmers don't distinguish between ciphers and protocol. The patch removes SSLv2 code everywhere and removes SSLv3 protocol code in server and client.

Another "feature" of the openssl build system is that it includes the system's openssl header. The simplest way to avoid this is to rename it (our goal is to replace it after a successful compile):

# mv /usr/include/openssl /usr/include/openssl.off

The patched header has a different default cipher list with FS ciphers.

Before compiling we do a test by launching a local server and connecting to it. The local server: